Privacy has become a digital feature consumers look for, like “sweatshop-free.” Apps that offer good privacy get positive points with the public, at least in the form of approving stories in the tech press. In a way, privacy, usually in the form of “end-to-end encryption,” has started to work on the public in a similar way to labels like “free range” or “100 percent post-consumer recycled material.” Once a socially positive business practice cracks the public consciousness, consumers start to look for logos that give them a chance to vote with their dollars.
When we spoke to another privacy-as-a-service firm, Virgil Security, its founders told us that demand for privacy products skyrocketed with Edward Snowden’s revelations about general surveillance by the NSA. Since then, WhatsApp has deployed end-to-end security as a default feature for all messages. The dominant messaging app turned to Open Whisper Systems to secure it, the same system that Google turned to when it decided to get into the messaging game, with its announcement of Allo at Google I/O. Privacy-as-a-service looks like it could be an important new B2B tech sector going forward, and the consensus seems to be that Open Whisper Systems will lead that market.
Privacy wonks will know that Open Whisper Systems’ consumer-facing app is called Signal, a platform that promises not only to secure the content of your messages, but their metadata as well. In other words, a spy wouldn’t be able to snag a message and see for whom it was intended. I use Signal daily. If it works as advertised, G-Men can’t tell if I’m talking to three people or 30.
Other messaging apps are more fun. They offer GIFs, photos and all sorts of sticker sets, but the fact that companies like Facebook and Google have turned privacy work over to Open Whisper Systems suggests that Signal has really been more of a product testing environment than a business vertical. Why compete with WhatsApp when it will hire you?
In other words, the day may come when Open Whisper Systems stops supporting Signal, and the app would then die the slow death of a thousand phone updates (a decline Sunrise users face now). Open Whisper Systems has already made it clear that it doesn’t ever intend to federate its products (in other words, it controls the software from its servers). In a blog post, Moxie Marlinspike, the founder, wrote that he could not envision opening his company’s software up so that others could install an interoperable version on their own equipment (which is how email works, and that’s why it’s so hard to add new features, such as encryption).
For a defense of interoperable, open standards, check out this memoriam to the creator of email, on SelectAll. PGP is an open standard. Anyone can encrypt anything and send secure messages to any other PGP user. As far as anyone can tell, none of the spooks out there have cracked PGP. On the other hand, PGP fails to hide who you are talking to.
In Signal and in WhatsApp, apps take their orders from central servers, which means we just have to trust that those servers have really kept users private, that there’s no master key or other backdoor.
Open Whisper Systems already made a bit of a devil’s bargain when it took the Google deal, because Allo won’t be secure by default. Instead, users will opt in to an “incognito mode.” The Observer reported on the deficiencies of Chrome’s incognito versus Firefox’s private mode. In Allo’s incognito mode, some of the new app’s more fun and convenient features (like automatic message suggestion) will stop working, because Google needs to be able to read what you have to say. In other words, if Allo were a 1980s metal album, its subliminal message would be: “Encryption kind of sucks.”
An internet pioneer named David Chaum is working on a new platform called PrivaTegrity that will take something of a middle road. It’s a system for more powerful encryption and anonymity, one that’s launching with (wait for it) an Android messaging app. Mr. Chaum’s vision is to centralize PrivaTegrity at multiple servers around the world. Each message would go through all the servers to reach its recipient, creating baffling levels of protections for users. This would mean that each of its multiple HQs would have to agree on new features and updates.
Mr. Chaum’s scheme would also give PrivaTegrity a back door. A user’s messages could be decrypted, but only if each of the global servers agreed to act in concert (meaning that if the US authorities wanted to spy on a user but, say, Swiss authorities disagreed, there could be no spying). During the debate over the San Bernardino shooter’s iPhone, many pundits pointed out that if Apple cooperated with the USA, it would have to cooperate with China later. Mr. Chaum’s scheme rather elegantly sidesteps that problem, but there’s still a back door.
All this activity indicates that privacy has moved from a hobbyist niche to a proper industry, and businesses tend to be uneasy about free, decentralized products. As demand for more complex protocols increases, it becomes easier to justify centralized control over the products that deliver those schemes. So here’s another way that end-to-end encryption is turning into now-familiar labels like “GMO free” and “fair trade”: it’s attractive to consumers, but they pretty much have to take the provider’s word for it.